Cyber Spies Go Mainstream

Uploaded on 2017-05-12 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Production-Manufacturing

Cyber espionage appears to have hit the mainstream, dominated by state-sponsored operatives and taking the slot as most popular attack method in the public sector, education and manufacturing industries, according to Verizon.

The firm’s much anticipated 2017 Data Breach Investigations Report revealed that one in five (21%) breaches were related to espionage: that’s a total of 289 over the report period, more than 90% of which were state-backed.

The fruits of these efforts have been widely reported in recent months, most notably the Kremlin’s attempts to influence the outcome of the US presidential election by hacking and then leaking sensitive Democratic Party officials’ emails.

This week, Trend Micro claimed that a group allied to Russia’s interests, known as APT28, Pawn Storm and Fancy Bear, had also registered phishing emails to target the campaign of French presidential Emmanuel Macron.

“The proportion of attacks motivated by the state is still on the rise, and these hackers are becoming more aggressive each year,” Verizon managing principal of investigative response, Laurance Dine, told Infosecurity Magazine.

“The report reveals that state-affiliated actors were responsible for a quarter of its recorded phishing attacks, almost three times as many compared to the 2016 DBIR, where they were responsible for just 9% of phishing attacks.”

Phishing has become a hugely successful tactic overall, present in a fifth (21%) of attacks, up from just 8% last year.

Linked to that stat is another that organizations should take note of: 81% of hacking-related breaches succeed through stolen, weak or easy-to-guess passwords.

It’s clear that staff training on how to spot phishing, combined with a move away from password-based authentication to multi-factor systems, should be encouraged.

Overall, the volume of breaches and stolen records has risen sharply in recent years. Just four million records were lost in 2011, whereas this year’s report covered 1945 breaches including 20 where over a million records were lost.

Financially motivated attacks dominated the breaches analyzed by Verizon, accounting for 73%.

Dine recommended layered security as a key strategy to mitigate the risks posed by an increasingly agile and determined enemy.

“With a lot of espionage attacks, hackers want to have access for as long as possible without being detected. They get into the network, do some foot-printing and scanning, see what they can get, and can stay under the radar by piggybacking off normal activity. This means hackers can just get one code to the backdoor and they get the keys to the kingdom,” he explained.

“Our advice would be to only give people privileges to certain parts of the network that they actually need to do their job. It is also important to have network monitoring to identify any unusual activity, so that if a hacker has gained access then they can be detected. 

“Monitor outbound traffic to see if anyone is making connections that they have no logical reason to be making, if people are doing things they have nothing to do with their jobs it should raise an alarm. It all goes back to the idea of assuming you have been breached and looking for intruders to give themselves away. Layered security is the only way to do this.”

Infosecurity:

You Might Also Read:

Are Employees Your Weakest Link When It Comes To Security?:

Technology Can Not Diminish Insider Threats By Itself:

US Intelligence Agencies Fear Insiders As Much As Spies:

Safeguard Data When Employees Leave:

 

 

« Macron Hackers Linked To Russian Intelligence
Massive Ransom Attack Hits 99 Countries »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CQS (Certified Quality Systems)

CQS (Certified Quality Systems)

CQS is an organisation specialising in ISO assessment and certification, including ISO 27001, along with other management system standards.

Norton Rose Fulbright

Norton Rose Fulbright

Norton Rose Fulbright is a global business law firm. Practice areas include Data protection, Privacy and Cybersecurity.

International Federation of Robotics (IFR)

International Federation of Robotics (IFR)

The International Federation of Robotics connects the world of robotics around the globe. Our members come from the robotics industry, industry associations and research & development institutes.

Fidus Information Security

Fidus Information Security

Fidus is a team of security professionals providing Penetration Testing and Cyber Security Consulting services throughout the UK and worldwide.

Navarino

Navarino

Navarino is the maritime industry’s most advanced communications and connectivity company. We develop advanced technologies and innovative IT solutions including cyber security.

Hellenic Accreditation System (ESYD)

Hellenic Accreditation System (ESYD)

ESYD is the national accreditation body for Greece. The directory of members provides details of organisations offering certification services for ISO 27001.

Trust Stamp

Trust Stamp

Trust Stamp provide Identity and Trust as a Service to answer two fundamental questions: “Who are you?” and “Do I trust you?"

International College For Security Studies (ICSS)

International College For Security Studies (ICSS)

ICSS India offers technical education to students, clients and partners in IT Industry by our well qualified, certified and experienced trainers.

Aleo

Aleo

Aleo is building the world's leading developer platform for enabling absolute privacy on blockchains.

Clearnetwork

Clearnetwork

Clearnetwork specializes in managed cybersecurity solutions that enable both public and private organizations improve their security posture affordably.

ORS Consulting

ORS Consulting

ORS Consulting is a specialist provider of risk management advisory services supporting asset-intensive industries such as chemicals, energy, power and utilities, defence and maritime.

Cyera

Cyera

Cyera is the data security company that gives businesses context and control over their most valuable asset: data.

ADNET Technologies

ADNET Technologies

ADNET Technologies is a SOC 2, Type II Compliant IT management and cybersecurity firm.

Omdia

Omdia

Omdia is a technology research and advisory group. Our deep knowledge of tech markets combined with our actionable insights empower organizations to make smart growth decisions.

RAD Security

RAD Security

RAD Security (formerly KSOC) is a cloud native security company that empowers engineering and security teams to drive innovation so they can focus on growth versus security problems.

ViCyber

ViCyber

ViCyber is an Australian based company whose mission is to simplify and strengthen cybersecurity for all businesses, irrespective of size.